nestybox / sysbox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Apache License 2.0

Unable to launch sysbox containers in certain KVM-based VMs. #439

Closed rodnymolina closed 2 years ago

rodnymolina commented 2 years ago

We have only observed this issue in Linode VMs thus far ...

The following error is dumped during problem reproduction:

$ docker run --runtime=sysbox-runc -it --rm ubuntu:focal
Failed to create pod sandbox: rpc error: code = Unknown desc = container create failed: time="2021-11-23T09:41:52Z" level=error msg="container_linux.go:393: starting container process caused: process_linux.go:607: container init caused: rootfs_linux.go:68: setting up rootfs mounts caused: open sys/devices/virtual/dmi/id/product_uuid: read-only file system"
  Warning  FailedCreatePodSandBox  2m29s (x583 over 12m)  kubelet            (combined from similar events): Failed to create pod sandbox: rpc error: code = Unknown desc = container create failed: time="2021-11-23T09:51:44Z" level=error msg="container_linux.go:393: starting container process caused: process_linux.go:607: container init caused: rootfs_linux.go:68: setting up rootfs mounts caused: open sys/devices/virtual/dmi/id/product_uuid: read-only file system"

Sysbox assigns a unique uuid to each sys-container and derives its value from the product_uuid sysfs node, which we bind-mount into the container for this purpose. Unfortunately, this node is not always exposed inside KVM-based virtual-machines, so we may need to rely on a different mechanism to generate unique uuids within sys-containers.

https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/959308
https://www.linode.com/community/questions/17153/missing-sysclassdmiidproduct_uuid-and-syshypervisorid
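One possible shape for the "different mechanism" mentioned in the comment above, as an added example that is not part of the original thread and is neither Sysbox's own code nor the fix it later merged: prefer product_uuid, fall back to /etc/machine-id when the node is missing, and derive a per-container value by hashing. The function names, the machine-id fallback and the SHA-256 derivation are all assumptions.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"regexp"
	"strings"
)

// DMI node named in the error above, relative to the sysfs mount point.
const productUUIDRel = "devices/virtual/dmi/id/product_uuid"

var uuidRe = regexp.MustCompile(`^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$`)

// hostSeed returns a host identity and its source. It prefers product_uuid and falls
// back to machine-id (assumed fallback) if the node is absent, unreadable or malformed.
func hostSeed(sysfsRoot, machineIDPath string) (string, string, error) {
	b, err := os.ReadFile(filepath.Join(sysfsRoot, productUUIDRel))
	if err == nil {
		if s := strings.TrimSpace(string(b)); uuidRe.MatchString(s) {
			return strings.ToLower(s), "product_uuid", nil
		}
	} else if !errors.Is(err, fs.ErrNotExist) && !errors.Is(err, fs.ErrPermission) {
		return "", "", err // unexpected I/O error: surface it instead of masking it
	}
	if b, err = os.ReadFile(machineIDPath); err != nil {
		return "", "", fmt.Errorf("no host identity available: %w", err)
	}
	return strings.TrimSpace(string(b)), "machine-id", nil
}

// containerUUID derives a stable per-container UUID from the seed and container ID.
func containerUUID(seed, containerID string) string {
	h := sha256.Sum256([]byte(seed + "/" + containerID))
	h[6] = (h[6] & 0x0f) | 0x80 // version nibble 8: custom layout (RFC 9562)
	h[8] = (h[8] & 0x3f) | 0x80 // RFC 4122 variant bits
	return fmt.Sprintf("%x-%x-%x-%x-%x", h[0:4], h[4:6], h[6:8], h[8:10], h[10:16])
}

func main() {
	seed, src, err := hostSeed("/sys", "/etc/machine-id")
	fmt.Println(src, containerUUID(seed, "constructed-container-id"), err)
}
```

Hashing the seed also keeps the raw host identifier out of the container, so a workload can read its own UUID without learning the host's product_uuid or machine-id.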

myugan commented 2 years ago

Hi guys, I'm facing the same issue when trying to upgrade Sysbox from version 0.3.0 to later versions such as 0.4.0 on Linode; it shows me a product_uuid permission denied error.

rodnymolina commented 2 years ago

@myugan, this is expected in Linode VMs. Unfortunately, we haven't had the cycles to have this fixed yet.

Thanks for letting us know.

angushenderson commented 2 years ago

Hi, I really appreciate all your work on this project, it's really awesome!

I too am facing a similar issue to this on Ubuntu for Raspberry Pi, and am just wondering if you have a rough eta/timeline of when this fix will be deployed.

Thanks in advance!

ctalledo commented 2 years ago

> Hi, I really appreciate all your work on this project, it's really awesome!
>
> I too am facing a similar issue to this on Ubuntu for Raspberry Pi, and am just wondering if you have a rough eta/timeline of when this fix will be deployed.
>
> Thanks in advance!

Thanks @angushenderson. Unfortunately we can't provide a rough ETA yet because we are reassessing priorities for Sysbox features now that Docker has acquired Nestybox. As soon as we have more visibility we will post this info. Thanks.

rodnymolina commented 2 years ago

Hi @myugan and @angushenderson, just wanted to let you know that we have just merged the changes required to have this issue fixed, which will be incorporated in our next release. In the meantime, if you want to test this yourself, please build Sysbox from sources and let us know how it goes.

I'll go ahead and close this issue now. Thanks!